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and is transmitted to the applicant according to Article 36. 
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I. Basis of the report 

1 . This report has been drawn on the basis of (substitute sheets which have been furnished to the receiving Office in 
response to an invitation under Article 14 are referred to in this report as "originally filed" and are not annexed to 
the report since they do not contain amendments.): 



Description, pages: 

1-103 

16a-16c 



as originally filed 
as received on 



23/11/1998 with letter of 



Claims, No.: 

1-30 



as received on 



23/11/1998 with letter of 18/11/1998 



Drawings, sheets: 

1/12-12/12 as originally filed 



2. The amendments have resulted in the cancellation of: 

□ the description, pages: 

□ the claims, ' Nos.: 

□ the drawings, sheets: 

3. □ This report has been established as if (some of) the amendments had not been made, since they have been 

considered to go beyond the disclosure as filed (Rule 70.2(c)): 



4. Additional observations, if necessary: 
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V. Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial 
applicability; citations and explanations supporting such statement 



1. Statement 



Novelty (N) 


Yes: 


Claims 


1-30 




No: 


Claims 




Inventive step (IS) 


Yes: 


Claims 


1-30 




No: 


Claims 




industrial applicability (iA) 


Yes: 


Claims 


1-30 




No: 


Claims 





2. Citations and explanations 
see separate sheet 



VII. Certain defects in the international application 

The following defects in the form or contents of the international application have been noted: 
see separate sheet 
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Re Item V 

Reasoned statement under Rule 66.2(a)(ii) with regard to novelty, inventive step 
or industrial applicability; citations and explanations supporting such statement 

1). Reference is made to the following documents: 

D1 : M. Bellare et al.: "iKP- A Family of Secure Electronic Payment Protocols"; 

Proceedings of the USENIX Workshop on Electronic Commerce; 1 1 July 

1995; pages 89-106; XP000579445. 
D2: WO-A-96/21192 



2). In a conventional approach to digital signature certification the problem exists that 
the certification authority's service contract is entirely with the subscriber, although 
the relying party, who bears the greatest risk of fraud or forgery in the transaction, 
has the highest interest in the information security of the transaction. 

The present invention as defined in the independent claims 1 , 8, 1 4 and 21 , 
relating to electronic transactions supporting reliance on digital signature certifi- 
cates and managing the risk of such certificates, aims at a solution to this prob- 
lem. 

In particular, it is suggested that 

- a certification authority generates electronic signals representing subscriber 
assurance of an attribute of a subscriber to the system, that 

- a reliance server obtains information regarding said subscriber assurance, and 
that 

- the reliance server issues electronic signals representing transactional assur- 
ance to a relying party. 

The key function of the reliance server is therefore to assure that the relying party 
has properly enrolled into the system and that transactional assurance is based 
on the subscriber attribute assurance. 



3). The available relevant prior art is disclosed in documents D1 and D2. 
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D1, in particular the paragraph bridging pages 89 and 90, contains a general 
discussion on secure electronic payment protocols, between relying parties 
(customer - merchant - acquirer [= gateway to existing clearing/authorization 
network]). All parties are previously provided (probably from a certification author- 
ity) with certificates, including Ks/Kp. 

D2 (e.g. the abstract) concerns the electronic sale of goods. On receiving a. 
request from a buyer, the clearinghouse makes a determination of the risk 
classification and transfers the payment amount (minus discount fee, depending 
on that classification) to the seller's account, and an invoice, for the purchase 
price, to the buyer. 

4). The specific combination of the features as suggested in the independent claims 
1, 8, 14 and 21 does not follow in an obvious manner from the available state of 
the of the art. 

The requirements of Article 33(2) and (3) PCT regarding novelty and inventive 
step are therefore met. 

Dependent claims 2-7, 9-13, 15-20 and 22-30 relate to embodiments of the 
invention defined in the independent claims and likewise meet the requirements of 
Article 33(2) and (3) PCT. 

Industrial applicability of the claimed subject-matter appears obvious (Article 33(4) 
PCT). 



Re Item VII 

Certain defects in the international application 

5). The description is not in conformity with the current claims as required by Rule 
5.1(a)(iii) PCT. 

For example, the description on page 8, line 21 to page 16, line 29 and page 17, 
line 1-25 still recites the wording of previous claims leading to an inconsistency 
between claims and : description. 
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Contrary to the requirements of Rule 5.1 (a)(ii) PCT, the relevant background art 
disclosed. in the documents D1 and D2 is not mentioned in the description, nor are 
these documents identified therein. - 
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In another aspect, this invention is an electronic transaction system. The 
system comprises an authority and a reliance server. The authority venerates 
electronic signals representing subscriber assurance of an attribute of a subscriber 
to the system; and the reliance server obtains electronic signals representing 
information regarding the subscriber assurance issued by the authority. The 
reliance server issues electronic signals representing transactional assurance to a 
relying party, the transactional assurance being based at least on the subscriber 
attribute assurance. In another aspect, this invention is a method of managing 
reliance in an electronic transaction system. In some embodiments, the method 
"comprises, by an authority, generating electronic signals representing subscriber 
assurance of an attribute of a subscriber to the system; and, by a reliance server, 
obtaining electronic signals representing information regarding the subscriber 
assurance issued b/vjhe authority, and issuing electronic signals representing; 
transactional assurance to a relying party, the transactional assurance being based 
at least on the subscriber attribute assurance. • 

In some embodiments the subscriber assurance comprises at least one of . 
(a) an identification assurance of the identity of the subscriber and (b) an 
authorization assurance of authorization of the subscriber. In some embodiments, 
the subscriber assurance comprises electronic signals representing a certificate. In 
some other embodiments, the reliance server issues electronic signals representing 
assurance to the relying party based also on information provided by the relying 
party. In some other embodiments, the request for transactional assurance comes 
from the relying party, sometimes directly. In some embodiments, the reliance 
server issues the electronic signals representing the transactional assurance 
directly to the relying party. 

GEANDERTES BLATT 
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In another aspect, this invention is a method of managing reliance in an 
electronic transaction system in which an authority issues subscriber assurance of 
an attribute of a subscriber to the subscriber. The method comprises receiving 
electronic signals representing a transaction associated with a subscriber, the 
transaction including information regarding at least one attribute of that 
subscriber; creating a reliance request message specifying at least one aspect of 
the transaction upon which a relying party intends to rely; and causing electronic- 
signals representing the reliance request message to be sent to a reliance server 
requesting a transactional assurance for the aspect of the transaction upon which 
the relying party intends to rely. In some embodiments, the method further 
includes receiving electronic signals representing a transactional assurance from 
the reliance server; and continuing the transaction with the subscriber based on 
informatrsifin the transactional assurance. Sometimes the electronic signals 
representing the transactional assurance are received in response to the sending of 
the reliance request message. 

In some cases the subscriber assurance comprises at least one of (a) an 
identification assurance of the identity of the subscriber and (b) an authorization 
assurance of authorization of the subscriber. 

The reliance request message can come from the relying party, directly or 
indirectly. 

The reliance server can issue the electronic signals representing the 
transactional assurance directly to the relying party. 

In yet another aspect, this invention is a method of managing reliance in an 
electronic transaction system in which an authority issues subscriber assurance of 
an attribute of a subscriber to the subscriber. The method includes receiving 

- rPAND-RT£S BLATT 
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electronic signals representing a reliance request message, the message specifying 
an aspect of a transaction with a subscriber upon which a> relying party intends to 
rely and requesting assurance for the aspect of the transaction; determining 
whether to provide transactional assurance based" on the reliance request message; 
and generating electronic signals representing an indication of whether 
transactional assurance is available. 

In some embodiments, the method further includes receiving electronic 
signals representing the transactional assurance; and continuing the transaction 
based on information in the transactional assurance. 

The electronic signals representing the transactional assurance may be 
received in response, to the sending of the request message. 

The subscriber assurance may comprise at least one of (a) an identification 
assurance of the identity -ef the subscribe! and (b) an authorization assurance of 
authorization of the "subscriber. The reliance request message comes from the 
relying party, directly or indirectly. The electronic signals representing the 
transactional assurance may be issued directly to the relying party. The reliance 
request message may include certificate information derived from the transaction 
and the determining whether to provide the transactional assurance may further 
comprise determining the status of certificates associated with the transaction. 
This may include determining whether certificates associated with the transaction 
have been revoked or suspended. 
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What is claimed: 



1. An electronic transaction system comprising: 
an authority generating electronic signals representing; 
subscriber assurance of an attribute of a subscriber to the system; and~ 

a reliance server obtaining electronic signals representing 
information regarding the subscriber assurance issued by the 
authority, the reliance server issuing electronic signals representing 
transactional assurance to a relying party, the transactional assurance 
being based at least on the subscriber attribute assurance. 

2. A system as in claim 1 wherein the subscriber assurance 
comprises at least one of (a) an identification assurance of the 
identity of the subscriber and (b) an authorization assurance of 
authorization of the subscriber. 

.3. A system as in claim 1 wherein the subscriber assurance 
comprises electronic signals representing a certificate. 

4- A system as in claim 1 wherein the reliance server issues 
electronic signals representing assurance to the relying party based 
also on information provided by the relying party. 

5. A system as in claim 1 wherein the request for 
transactional assurance comes from the relying party. 
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• 6. A system as in claim 4 wherein the request for 
transactional assurance comes directly from the relying party. 

7. A system as in claim 1 wherein the reliance server issues 
the electronic signals representing the transactional assurance 
directly to the relying party. 

8. A method of managing reliance in an electronic 
transaction system, the method comprising: 

by an authority, generating electronic signals representing 
subscriber assurance of an attribute of a subscriber to the system; and 
by a reliance server, " 
. . obtaining elex;rj:onic. signals representing information 
regarding the subscriber assurance issued by the authority, and 
issuing electronic signals representing transactional 
assurance to a" relying party, the transactional assurance being based 
at least on the subscriber attribute assurance. 

9. A method as in claim 8 wherein the subscriber assurance 
comprises at least one of (a) an identification assurance of the 
identity of the subscriber and (b) an authorization assurance of 
authorization of the subscriber. 



10. A method as in claim 8 wherein the subscriber assurance 
comprises electronic signals representing a certificate. 
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11. A method as in claim 8 wherein the reliance server issues 
electronic signals representing assurance to the relying party based 
also on information provided by the relying party. 



12. A method as in claim 8 wherein the request for 
transactional assurance comes from the relying party. 

13. A method as in claim 12 wherein the request for 
transactional assurance comes directly from the relying party. 

14. A method of managing reliance in an electronic 
transaction syzxz??. in which an authority issues subscriber assurance 
of an attribute of a subscriber to the subscriber, the method 
comprising: 

receiving electronic signals representing a transaction 
associated with a subscriber, the transaction including information 
regarding at least one attribute of that subscriber; 

creating a reliance request message specifying at least one 
aspect of the transaction upon which a relying party intends to rely; 
and ■ 

causing electronic signals representing the reliance request 
message to be sent to a reliance server requesting a transactional 
assurance for the aspect of the transaction upon which the relying 
party intends to rely. 
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15. A method as in claim 14 further comprising: 
receiving electronic signals representing a transactional 

assurance from the reliance server; and 

continuing the transaction with the subscriber based on 
information in the transactional assurance. 

16. A method as in claim 15 wherein the electronic signals 
representing the transactional assurance are received in response to 
the sending of the reliance request message. 

17. A method as in claim 14 wherein the subscriber 
assurance comprises at least cue of (a) an identification assurance of 
the identity of the subscriber and (b) an authorization assurance of 
authorization of the subscriber. 

18. A method as in claim 14 wherein the reliance request 
message comes from the relying party. 

19. A method as in claim 14 wherein the request message 
comes directly from the relying party. 

20. A method as in claim 14 wherein the reliance server- 
issues the electronic signals representing the transactional assurance 
directly to the relying party: 
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21. A method of managing reliance in an electronic 
transaction system in which an authority issues subscriber assurance 
of an attribute of a subscriber to the subscriber, the method 
comprising: 

receiving electronic signals representing a reliance request 
message, the message specifying an aspect of a transaction with a 
subscriber upon which a relying party intends to rely and requesting 
assurance : for the aspect of the transaction; 

determining whether to provide transactional assurance based 
on the reliance request message; and 

generating electronic signals representing an indication of 
whether transactional assurance is available. ' 

22. A method as in claim 21 further comprising: 
receiving electronic signals representing the transactional 

assurance; and 

continuing the transaction based on information in- the 
transactional assurance. 

23. A method as in claim 22 wherein the electronic signals 
representing the transactional assurance are received in response to 
the. sending of the request message. 
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24. A method as in claim 21 wherein the subscriber - 
assurance comprises at least one of (a) an identification assurance of 
the identity of the subscriber" and (b) an authorization assurance of 
authorization of the subscriber. 

25. A method as in claim 21 wherein the reliance request 
message comes from the relying party. 

26. A method as in claim 21 wherein the reliance request 
message comes directly from the relying party. 

27. A method as in claim 21 wherein the electronic signals 
representing the transactional assurance are issued directly io the 
relying party. 

28. A method as in claim- 21 wherein the reliance request • 
message includes certificate information derived from the 
transaction. . ' 

29. A method as in claim 27 wherein the determining 
whether to provide the transactional assurance further comprises: 

determining the status of certificates associated with the 
transaction. 
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